
CMS PHPCart. XSS and Data Manipulation attacks



XSS and Data Manipulation attacks found in CMS PHPCart.




Dear Sir,

I have found that the CMS PHPCart is vulnerable to an XSS attack and Data
Manipulation. I have attached the PoC with the mail. This exploit
was found by me, 'h4x0r'.

I hope you will publish it soon.

Thanks,

h4x0r

-- 
Vaibhav Aher
ISO27001,C|EH
Security Consultant
+91 09225325661

[Attachment: phpcart.txt]
